Windows Safety Module
Windows Safety Module Description
Windows Safety Module may borrow its visuals from Microsoft security software, but as a rogue anti-virus program, Windows Safety Module doesn’t have any of the security-related functions to back up its looks.
Windows Safety Module: A Remarkably Risky Form of ‘Safety’ Software
Windows Safety Module can be identified both visually and through its attacks as a clone of previous examples of scamware from Win32/FakeVimes such as Security Master AV, Windows Firewall Constructor, Windows Pro Safety, Windows Personal Doctor, Windows Safety Manager, Smart Internet Protection 2011, Windows Advanced Toolkit, Windows First-Class Protector, Windows ProSecurity Scanner, Personal Security Sentinel, Windows AntiHazard Helper, Windows ProSecure Scanner, Windows Safety Checkpoint, Windows Privacy Module, Windows Be-on-Guard Edition, Windows Guard Tools, Windows Pro Rescuer, CleanUp Antivirus, Windows Smart Warden, Windows Internet Booster, Windows Maintenance Suite, Keep Center Keeper, Fast Antivirus 2009, Additional Guard, Windows Private Shield, Live Enterprise Suite, Live PC Care, Windows PRO Scanner, Windows Premium Defender, Windows System Defender, Windows Web Combat, Windows Virtual Angel, Windows AntiHazard Center, Security Antivirus, PrivacyGuard PRO, Windows Tools Patch, Windows Ultimate Safeguard, Windows No-Risk Center, Windows Secure Workshop, Personal Internet Security 2011, Windows Software Saver, Windows Software Keeper, Windows Enterprise Suite, Internet Security Essentials, System Protection Tools, My Security Shield, Windows High-End Protection, Windows Custom Safety, Windows Privacy Counsel, Windows Daily Adviser, Windows Turnkey Console, Smart Internet Protection 2012, Windows Pro Web Helper, Home Safety Essentials, Windows Threats Destroyer, Windows Efficiency Accelerator, Windows Secure Web Patch, Best Antivirus Software, Windows Web Commander, Windows Profound Security, Windows Security System, Windows Problems Stopper, Windows Interactive Security, Total Anti Malware Protection, Smart Engine, Windows Active Defender, Windows Security Renewal, Windows Security Suite, Home Malware Cleaner, Windows Shielding Utility, Windows Debug Center, Windows Performance Adviser, Windows Ultimate Security Patch, Extra Antivirus, Anti-Malware Lab, Windows Abnormality Checker, Windows Crucial Scanner, Windows Proactive Safety, Strong Malware Defender, Activate Ultimate Protection, Windows Stability Guard, Windows No-Risk Agent, Windows Antivirus Care, Windows Safeguard Upgrade, Volcano Security Suite, Smart Virus Eliminator, Windows Enterprise Defender, Windows Shield Tool, Windows Antivirus Patch, Windows Virtual Security, Windows Pro Safety Release, Windows Safety Maintenance, Windows Instant Scanner, Windows Performance Catalyst, Windows Safety Toolkit, Enterprise Suite, Windows Control Series, Windows Secure Workstation, Windows Defence Counsel, My Security Wall, Best Malware Protection, Windows Telemetry Center, Windows Safety Series, Windows Guardian Angel, Windows Pro Solutions, Windows Maintenance Guard, Windows Trouble Taker, Windows PC Aid, Windows Antivirus Machine, Windows Home Patron, Windows Active Guard, Windows Care Taker, Windows Antivirus Release, Windows Managing System, Windows Defending Center, Windows Pro Defence, Windows Privacy Extension, PC Live Guard, Windows Smart Partner, Windows Premium Guard, XP Smart Security, Smart Anti-Malware Protection, Windows Health Keeper, Windows Custodian Utility, Windows Virus Hunter, Smart Security, Windows Antihazard Solution, Windows Protection Unit, Windows Virtual Firewall, Windows Guard Solutions, Windows Advanced Security Center, Windows Basic Antivirus, Windows Warding System, Windows Proprietary Advisor, My Security Engine, Windows Functionality Checker, Windows Antivirus Rampart, Windows Advanced User Patch, Antivirus Smart Protection, Windows Secure Surfer, Windows Interactive Safety, Windows Expert Series, Internet Security Suite, Windows Risk Minimizer, Virus Doctor, Windows Multi Control System, Windows Process Director, Windows Custom Management, VirusSecurity, Windows Malware Sleuth, Windows Sleek Performance, Windows Premium Console, Windows Activity Debugger, Windows Safety Wizard, Windows Anti-Malware Patch, Windows Protection Maintenance and Windows Protection Master. In spite of its anti-virus software looks, Windows Safety Module’s pop-up alerts, system scans and other forms of system analysis always contain inaccurate information about your PC – usually with reference to nonexistent infections or ongoing attacks (such as unauthorized network activity). SpywareRemove.com malware experts caution anything other than ignoring Windows Safety Module’s warnings, which can cause you to damage innocent files or programs if you pay heed to their recommendations.
As the final note to its symphony of fraud, Windows Safety Module will repeatedly encourage you to spend money on a purchasable registration key to solve any and all problems your PC might be experiencing (which are, in reality, likely to originate from Windows Safety Module or related PC threats). SpywareRemove.com malware research team strongly discourages this for the safety of both your funds and any linked financial data, but registering Windows Safety Module with the free code ’0W000-000B0-00T00-E0020′ may prove useful before attempting to delete Windows Safety Module for good.
Acquiring the Real Security That Windows Safety Module Doesn’t Want You to Have
Windows Safety Module’s presence is also likely to coincide with various security issues, most noticeably including blocked access to security and anti-malware programs. Starting Windows without Windows Safety Module launching – for instance, by using a Safe Mode boot or booting from a removable drive – will allow you to circumvent this blockade and remove Windows Safety Module with a suitable anti-malware application. In the meantime, SpywareRemove.com malware research team also warns that victims of Windows Safety Module attacks should anticipate:
- Altered Windows settings that allow you to download unsafe files (such as files with nonvalid signature identification) without corresponding warnings from Windows.
- Browser redirects to harmful sites, particularly after you attempt to use a search engine.
- Unauthorized network activity that bypasses the Windows Firewall to report Windows Safety Module’s installation on your PC.
- Disabled Windows security features such as the User Access Control.
Windows Safety Module Automatic Detection Tool (Recommended)
Is your PC infected with Windows Safety Module? To safely & quickly detect Windows Safety Module, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect Windows Safety Module
What happens if Windows Safety Module does not let you open SpyHunter or blocks the Internet?
Visual & GUI Characteristics
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read
the tutorials on how to find malware,
kill unwanted processes,
remove malicious DLLs and
delete other harmful files. Always be
sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name Detection Count 1 %APPDATA%\ Protector-xxdf.exe 482 2 %APPDATA%\ Protector-dnuh.exe 49 3 %APPDATA%\ Protector-ajyh.exe 28 4 %AppData%\Protector-[RANDOM CHARACTERS].exe N/A 5 %AppData%\result.db N/A 6 %AppData%\NPSWF32.dll N/A
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on
how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\InspectorHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\ID 4HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\net [date of installation]HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\UID [RANDOM CHARACTERS]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXEHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorUser 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA 0
Additional Information
- The following messages's were detected:
# Message 1 Error Attempt to run a potentially dangerous script detected. Full system scan is a highly recommended. 2 Error Keylogger activity detected. System information security is at risk. It is recommended to activate protection and run a full system scan 3 Error Software without a digital signature detected. Your system files are at risk. We strongly advise you to activate your protection.
Posted: May 1, 2012 | By SpywareRemove
MoreThreat Level: 10/10
(No Ratings Yet)
Loading ...Rate this article:
Detection Count: 35
